Completely disable xml entity resolution

author: mae <git@badat.dev> 2023-08-05 14:13:49 +0200
committer: mae <git@badat.dev> 2023-08-05 14:17:04 +0200
commit: 48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2 (patch)
tree: 623433efceefe6deead177525714b216f1610829 /changelog.d/disable-xml-entity-resolution.security
parent: 17c336de66b757ef90e9e229d086c7b83fb1573e (diff)
download: pleroma-48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2.tar.gz
pleroma-48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/disable-xml-entity-resolution.security b/changelog.d/disable-xml-entity-resolution.security
new file mode 100644
index 000000000..db8e12f67
--- /dev/null
+++ b/changelog.d/disable-xml-entity-resolution.security
@@ -0,0 +1 @@
+Disable XML entity resolution completely to fix a dos vulnerability
author	mae <git@badat.dev>	2023-08-05 14:13:49 +0200
committer	mae <git@badat.dev>	2023-08-05 14:17:04 +0200
commit	48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2 (patch)
tree	623433efceefe6deead177525714b216f1610829 /changelog.d/disable-xml-entity-resolution.security
parent	17c336de66b757ef90e9e229d086c7b83fb1573e (diff)
download	pleroma-48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2.tar.gz pleroma-48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2.zip